Allowed VLANs on trunk links – Some tips for troubleshooting and configuration.

When a trunk link is configured, it allows traffic for all VLANs to flow over the link by default. However, the trunk can be restricted to a desired set of VLANs, with the remaining VLANs denied, by configuring the following interface-level command.

switchport trunk allowed vlan <vlan 1>,<vlan 2>,…,<vlan n>

One very important factor to consider when working with this command is the case where it is already configured on the switch interface with an existing set of allowed VLANs, and the task is either to add VLANs to the existing allowed VLAN list or to remove VLANs from it.

This can be configured by adding “add” or “remove” as an extra keyword in the original command. The example is as follows.

When the command is already configured on the switch interface, do not re-enter it in its original form without the “add” or “remove” keyword. The plain form of this interface-level command simply overrides the existing command, and with it the trunk's existing allowed VLAN list. This action will surely lead to loss of connectivity in the network, so precautions should be taken when dealing with this command.

Even when a set of VLANs is allowed over the trunk link, traffic will not necessarily flow for all of those VLANs, because other mechanisms can restrict a VLAN's traffic over the trunk even if that VLAN is permitted in the trunk's allowed VLAN list. Such restrictions can arise for the following reasons.

1) Every VLAN permitted in the allowed VLAN list should be configured in the VLAN database of the switches on either side of that trunk link. Without this configuration in place, that VLAN's traffic will be blocked over the trunk link.

2) VLANs can also simply be pruned on the switch. When a VLAN is pruned on the switch, traffic for that VLAN will not be forwarded on the trunk link even if that VLAN is permitted in the allowed VLAN list on the trunk link.
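
A pre-change check for the override risk and the two restrictions described above, as an added example that is not part of the original article: it models only the plain, “add” and “remove” forms of the command and reports which VLANs a proposed command would drop and which allowed VLANs would still not forward. The function names and the sample interface state are constructed for illustration, and `vlan_db` is assumed to hold the VLANs present in the VLAN database of both switches.

```python
def parse_vlans(spec):
    """Expand a VLAN list such as '10,20-22' into a set of ints."""
    vlans = set()
    for part in spec.replace(" ", "").split(","):
        lo, _, hi = part.partition("-")
        lo, hi = int(lo), int(hi or lo)
        if not 1 <= lo <= hi <= 4094:
            raise ValueError(f"bad VLAN range: {part!r}")
        vlans.update(range(lo, hi + 1))
    return vlans

def apply_command(current, command):
    """Return the allowed set after `command` is entered on the interface."""
    prefix = "switchport trunk allowed vlan"
    if not command.lower().startswith(prefix):
        raise ValueError("not an allowed-vlan command")
    args = command[len(prefix):].split()
    if len(args) == 2 and args[0].lower() == "add":
        return current | parse_vlans(args[1])
    if len(args) == 2 and args[0].lower() == "remove":
        return current - parse_vlans(args[1])
    if len(args) == 1:
        return parse_vlans(args[0])  # plain form replaces the whole list
    raise ValueError(f"form not modelled here: {command!r}")

def review_change(current_spec, command, vlan_db, pruned):
    """Summarise what a proposed command does to the trunk."""
    before = parse_vlans(current_spec)
    after = apply_command(before, command)
    return {
        "dropped": sorted(before - after),        # lose connectivity
        "added": sorted(after - before),
        "not_in_vlan_db": sorted(after - vlan_db),  # allowed, not forwarded
        "pruned": sorted(after & pruned),           # allowed, not forwarded
        "forwarding": sorted((after & vlan_db) - pruned),
    }

# Constructed sample state for one trunk interface (assumption).
CURRENT = "10,20,30-32"
VLAN_DB = {1, 10, 20, 30, 31, 40}
PRUNED = {20}

if __name__ == "__main__":
    for cmd in ("switchport trunk allowed vlan 40",
                "switchport trunk allowed vlan add 40"):
        print(cmd, "->", review_change(CURRENT, cmd, VLAN_DB, PRUNED))
```

A non-empty "dropped" list for a command that was only meant to extend the trunk is the sign that the “add” keyword was left out.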